Friday, May 5, 2017

One of the most remembered moments of every Spiderman’s fan happens in the beginnings of the wall-crawler. With his newly acquired powers, Peter Parker passes from a nerd that everyone abused in class, to someone arrogant that had nothing to do with that young man with a good heart. His uncle Ben, aware of this attitude change (although not aware of Peter's powers), tells him about his father and tells him a phrase he will never forget: "with great power comes great responsibility."

Today in our review of the week at the best in cybersecurity, we could not help remembering the words of the wise Uncle Ben. The expenses for gaps, holes in network protocols and other incidents that make us think that we need advice like those from Uncle Ben regards cybersecurity.
A perfect example of a lack of responsibility came earlier this week when we discovered that an Alameda County judge dismissed the lawsuit demanding the repair of the software by which more than 1,000 people had been wrongfully imprisoned. And in this case, who takes responsibility for this flagrant failure?

And speaking of lack of responsibility, yesterday we found out that a hole in the network protocol was responsible for recent attacks on bank accounts around the world. This bug, which affected all mobile phone providers in the world, exploited a vulnerability found in Signaling System No. 7, a telephone signaling language. The result has been that many customers have seen their bank accounts volatilized.

Discovering these cases, we are not surprised by the conclusions drawn by the report collected by Glasswall. It surveyed 1,000 workers of medium and large companies in the United States. One of the scariest data is that half of those surveyed said that their company does not have a clear policy with the attachments. If we add that 6 out of 10 employees do not check the return address of their e-mails... we are in trouble.

Of course, this lack of responsibility has its consequences. According to a study by Kaspersky Lab and B2B International, incidents of cybersecurity cost almost one million euros (926,000) on average to financial institutions for each attack. Given the seriousness of the figures, it is shocking that there is no more interest in avoiding these attacks.

However, not all companies are as irresponsible as we might expect. We started the week with a new malware affecting iOS: OSX / Dok. The good news is that the same Wednesday, Apple security officials released an update that canceled the developer's certificate, making its users safe.

Those who are fan of the wall-crawler will know that the phrase "with great power comes great responsibility" is what leads Peter Parker to become Spiderman. We hope that sooner or later all companies will have someone to serve as "Jiminy Cricket" and that their safety will become worthy of superheroes.